Use-After-Free Vulnerability in Linux Kernel's Socket Implementation
CVE-2026-43016
What is CVE-2026-43016?
A use-after-free vulnerability in the Linux kernel's socket implementation affects the handling of AF_UNIX sockets during data readiness calls. Specifically, in the function sk_psock_verdict_data_ready(), if a socket is orphaned while it is being accessed, the function can use a reference that has already been freed, resulting in a potential denial of service or buffer corruption. The issue arises because a peer socket's data readiness signal is processed after the socket state lock is released, which allows the socket's structure to be freed after an RCU grace period. The peer's socket may therefore be accessed after it has been freed, leading to heap memory corruption.
Affected Version(s)
Linux c63829182c37c2d6d0608976d15fa61ebebe9e6b < 8d597e3e74027900ffa81b8ff47ab51999a3e110
Linux c63829182c37c2d6d0608976d15fa61ebebe9e6b < 68187f18a89be4b6237d28ae1313b5adf76238c6
Linux c63829182c37c2d6d0608976d15fa61ebebe9e6b < 18861f87a043e78b1f901cae4237e755ed7ef095